Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Chriss Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Nat Translation

Status
Not open for further replies.
taos1234

taos1234

MIS
Joined
May 14, 2002
Messages
3
Location
US
I am trying to configure a 2600 to router for Internet Access. Not sure why my Nat translations are not working. I'm trying to get inside machines to gain internet access through Ethernet0/0. From the router I can ping to any outside address and I can also ping to any inside address. From any inside machine, I cannot ping past the router. Below is my current configuration:

interface FastEthernet0/0
description Line to DSL
ip address x.x.x.28 255.255.255.240
ip nat outside
speed auto
half-duplex
!
interface Serial0/0
description T1 line to Colo-location
ip address 100.100.100.1 255.255.255.0
ip nat inside
!
interface FastEthernet0/1
description inside LAN
ip address 100.100.200.1 255.255.255.0
ip nat inside
speed auto
half-duplex
!
ip nat pool ovrld x.x.x.1 x.x.x.1 prefix-length 24
ip nat inside source list 3 pool ovrld overload
ip classless
ip route 0.0.0.0 0.0.0.0 x.x.x.1
ip http server
!

access-list 7 permit 100.100.200.0 0.0.0.128


Not a Cisco Expert, can anyone help me out??


 
Sort by date Sort by votes
Where is source list 3? Also, make sure those machines have the appropriate gateway/default address?
 
Upvote 0 Downvote
This is what I meant:

ip nat inside source list 7 pool ovrld overload

The inside machines have a default gateway of 100.100.200.1
 
Upvote 0 Downvote
Here's some things I noticed.

The subnet-mask on f0/0 is .240 which tells me you have 16 usable public IP addresses. But the IP address you're using for nat(x.x.x.1) is not in the same range of 16 addresses as the IP you've got on you're f0/0 WAN interface (x.x.x.28). It should be, so you'll need to resolve what public IP range you have, an use an unused IP in there.

Next, try this for a nat access-list:
access-list 7 permit 100.100.0.0 0.0.255.255

Also, in your "ip nat pool' statement, I make the prefix-length equal to my public IP range. Try:
ip nat pool ovrld x.x.x.1 x.x.x.1 netmask 255.255.255.240

Hope this helps,
-gbiello
 
Upvote 0 Downvote
I have to admit that I'm a little rusty on my NAT, but you seem to be translating to a subnet that doesn't match that of your E0/0 interface. Also, you assigned the whole subnet of 100.100.200.1 255.255.255.0 to E0/1 yet your source list only covers half that. Just curious?
 
Upvote 0 Downvote
Thanks for the help. I addedd a defaut gateway of 66.35.222.1 and everything works fine. Now I need to allow specific ports through the router using access-list. Any suggestions??
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

darktriad
  • Locked
  • Question Question
Cisco ASA 9.4: Configuring NAT
Replies
0
Views
354
darktriad
darktriad
d3nn15
  • Locked
  • Question Question
need to program over 100 rules in cisco translation profiles
Replies
1
Views
487
whykap
whykap
netguy2000
  • Locked
  • Question Question
Cisco router 1841 NAT/PAT problem
Replies
0
Views
263
netguy2000
netguy2000
ngtri
  • Locked
  • Question Question
Please, need your help to check my configurations. NAT and HSRP
Replies
0
Views
308
ngtri
ngtri
DarthPanda
  • Locked
  • Question Question
No Telnet after NAT outside
Replies
2
Views
349
DarthPanda
DarthPanda

Part and Inventory Search

Sponsor

Back
Top